Bogachev has a $3m bounty on his head for allegedly masterminding the Gameover Zeus botnet. Romanian hacker Nicolae Popescu is also listed for $1m while the others range from $50,000 to $100,000.

Bogachev, who also goes by the pseudonyms of “Lucky12345,” “Pollingsoon,” and “Slavic,” is believed to have created the infamous Gameover Zeus, which targets Windows computers and steals passwords for online banking logins as well as bank account numbers.

The botnet, which spread malware like ransomware, has supposedly infected more than a million computers and been behind the theft of over $100m. Small businesses were often targeted.

Bogachev is facing ten charges including conspiracy, money laundering, and aggravated identity theft. He is understood to be leading cyber-crime ‘gangs’ in Russia and Ukraine. “While Bogachev knowingly acted in a role as an administrator, others involved in the scheme conspired to distribute spam and phishing emails, which contained links to compromised web sites,” said the FBI.

He was first charged in 2012 and authorities believe that Bogachev is still in Russia and a possible flight risk. Authorities say they have been investigating him since 2009. “Bogachev was last known to reside in Anapa, Russia,” according the FBI. “He is known to enjoy boating and may travel to locations along the Black Sea in his boat. He also owns property in Krasnodar, Russia.”

Also listed are the “Jabberzeus Subjects,” a collective of hackers in Russia and Ukraine wanted for using the malicious Zeus software.

The second infamous cybercriminal on the list is Romanian hacker Nicolae Popescu, with a reward of $1m. He is wanted for charges such as passport fraud and trafficking in counterfeit services.

On the run since 2012, Popescu was allegedly involved in a “sophisticated Internet Fraud scheme” with operations in Romania and Europe. The FBI has no location in mind for him but believe he is somewhere in Europe.

The authorities are also putting up $100,000 for Russian citizen Alexsey Belan, who is accused of hacking into three US major US-based e-commerce companies in Nevada and California. He is believed to have stolen and attempted to sell millions of users’ data. Belan could be in Russia, Greece, Latvia, or as far afield as the Maldives or Thailand. His last recorded location was in Athens, Greece.

The rest of the list features smaller bounties for cybercriminals scattered around the globe for various intrusions and fraud attempts.